NHS ransomware: UK government says it's North Korea's fault WannaCry happened

The Foreign Office said it will find, pursue and respond to the malicious activity

15/05/2017: Labour says NHS is 'wide open' to cyber attacks

The government's response to the recent NHS cyber attack has been described as 'chaotic' by Labour, arguing that recent cuts have left hospitals 'wide open' to hacks.

Shadow health secretary Jon Ashworth has said Labour would invest an extra 5 billion into new IT infrastructure for the NHS, after hospitals and services were affected by the widespread ransomware attack on Friday.

Speaking to Sky News, Ashworth said: "The truth is, if you're going to cut infrastructure budgets and if you're not going to allow the NHS to invest in upgrading its IT, then you are going to leave hospitals wide open to this sort of attack."

Advertisement - Article continues below
Advertisement - Article continues below

The comments coincide with allegations that health secretary Jeremy Hunt was previously warned that the NHS was susceptible to cyber attacks of this kind, following an assessment he commissioned last year, according to the BBC.Diane Fiona Caldicott and the Care Quality Commission assessed the cybersecurity capabilities of 60 hospitals throughout the UK, which found that not only were many sites still using outdated IT systems, but the report identified an increasing number cases where malware was being sent by email.

However, security minister Ben Wallace claimed the NHS were following "pretty good procedures" for dealing with the cyber attack, and insisted that affected trusts had enough resources to deal with attacks of this kind.

"We make sure the trusts are aware of their vulnerabilities and ask them to make sure they keep themselves up to date. What we don't do in our NHS is micromanage it from the desk," said Wallace, speaking to BBC Breakfast.

It is thought 47 NHS trusts were affected by the ransomware attack, which will continue to cause disruption through the coming week.

United Lincolnshire Trust said it has been forced to cancel all routine appointments in its hospitals on Monday, while Northumbria Healthcare has postponed all CT and MRI scans until further notice.Southport and Ormskirk Hospital Trust will run GP appointments as normal on Monday throughout West Lancashire, however it is advising patients to expect severe delays.

15/05/2017:Microsoft points to NSA leaks for NHS ransomware

Advertisement - Article continues below

Microsoft has confirmed the exploits that took out NHS networks and others around the world last week were stolen from the US National Security Agency, as security experts warned the ransomware could start spreading again today as workers startup their computers.

On Friday, the WannaCrypt or WannaDecryptor malware exploded across networks, including 16 NHS systems, leading to ambulances being diverted and some appointments being cancelled. The ransomware wasn't specifically targeted at the NHS, but part of a wider attack that took in organisations around the world.

The spread of the ransomware was partially halted by one British security researcher, who bought a domain listed in software and was rewarded for their efforts by having their identity revealed by British tabloids.

Microsoft also released a patch for XP, which is no longer being supported except by special arrangement and extra fees, which the British government decided against paying. NHS Direct said fewer than 4.7% of its devices use XP, and that includes "expensive hardware" such as MRI scanners that aren't easily updated.

Advertisement - Article continues below

In a blog post, Microsoft's legal counsel Brad Smith said companies like his own were "increasingly among the first responders" in such attacks, and that online security is a "shared responsibility between tech companies and customers".

Customers be they individuals or corporations need to keep their machines updated, but Smith admitted that's not always easy, adding "we are dedicated to developing further steps to help ensure security updates are applied immediately to all IT environments".

Advertisement - Article continues below

Such work is made harder when governments are stockpiling and then losing vulnerabilities, he added, confirming that the exploits abused to infect the NHS and the other organisations on Friday were indeed those stolen by the NSA earlier this year.

"We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world," he said. "Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen."

Smith said the attack should be a "wake-up call" to governments on cybersecurity. "They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world," he said. "We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits."

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now

Most Popular

operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
public sector

UK gov launches £300,000 SEN EdTech initiative

22 Jan 2020

Windows 10 and the tools for agile working

20 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020